Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h_WnjSD0VB9HVq0qbZ7Bt7LlwxM.roa
File: h_WnjSD0VB9HVq0qbZ7Bt7LlwxM.roa (raw, json)
Hash identifier: rxZssnsZ5g5J2O4BpqjxUBYzb9/arluw7hKUCmUm1B0=
Subject key identifier: 87:F5:A7:8D:20:F4:54:1F:47:56:AD:2A:6D:9E:C1:B7:B2:E5:C3:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2D76A424D807062619B95C3E8604F98C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h_WnjSD0VB9HVq0qbZ7Bt7LlwxM.roa
Signing time: Sun 03 Dec 2023 02:16:39 +0000
ROA not before: Sun 03 Dec 2023 02:16:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2d:76:a4:24:d8:07:06:26:19:b9:5c:3e:86:04:f9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 02:16:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f5a78d20f4541f4756ad2a6d9ec1b7b2e5c313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e9:4b:de:d4:c4:31:5d:a6:50:b1:f0:d6:be:
c9:28:6d:e3:dd:ed:02:ab:7c:52:7d:2a:5c:df:14:
76:52:15:98:6b:bc:f5:0e:a5:43:06:24:1d:14:01:
ab:0e:9b:37:0c:77:b2:9b:89:47:45:27:a4:53:c7:
dd:d8:65:22:4e:22:58:a9:fd:65:cf:d0:33:ac:0b:
46:50:04:0c:55:01:1e:44:8e:fe:66:d5:b4:70:c5:
6a:53:09:d8:de:cc:5f:08:17:0f:e4:d5:3c:db:15:
5e:e6:cc:28:29:36:c2:c2:0a:af:e6:69:39:d6:06:
68:d6:b9:37:8d:38:4c:2a:29:6d:7e:6d:c2:1d:07:
5f:f1:82:f4:0c:b4:2b:9d:33:2b:6a:bb:90:c8:fe:
87:7e:2d:2f:fc:d9:62:04:61:5f:94:9b:89:8f:f5:
16:16:70:69:64:cd:ee:f0:b6:ac:cf:0c:dc:dd:8c:
96:d3:b9:0e:af:98:fe:47:57:ae:aa:e9:73:5f:10:
7a:df:1b:cf:36:45:f9:e9:7d:df:a8:26:d7:4a:bf:
0b:9b:24:9c:15:4e:d8:f7:7a:2a:71:bb:90:23:af:
bf:4f:82:2f:6f:20:d9:7a:a6:9e:45:be:4a:e2:e7:
d7:74:a6:3a:3f:68:09:1c:fc:ea:f4:4c:01:4e:de:
de:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F5:A7:8D:20:F4:54:1F:47:56:AD:2A:6D:9E:C1:B7:B2:E5:C3:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h_WnjSD0VB9HVq0qbZ7Bt7LlwxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:6b:10:bd:07:2b:5f:5b:d5:3b:32:8b:70:ea:97:e6:bd:07:
3f:ff:81:50:2a:38:5f:85:78:0e:a7:c7:50:99:98:87:5e:15:
ef:c4:be:9b:42:fa:40:64:aa:2a:78:3c:44:6c:91:aa:e6:46:
67:11:6c:1d:75:95:3c:f9:c5:00:00:96:4e:8c:b0:a3:1d:fb:
cc:fc:4e:75:e0:2a:c8:c6:cb:59:22:92:de:09:b9:34:3e:d8:
fb:db:a6:3f:b3:b2:ad:f6:be:a2:a6:13:d7:53:dd:c2:ba:15:
87:8a:65:6b:2c:10:aa:53:df:5e:40:82:82:d1:23:04:40:65:
7e:6a:06:02:77:b8:3e:ee:cd:a2:63:c5:77:85:0a:9d:fb:11:
83:18:f3:71:6f:f8:2e:fb:a8:d4:7a:b1:56:00:b4:57:be:6d:
10:a9:7b:d2:08:84:3c:b1:cd:0e:50:3f:9c:14:6d:20:e7:8f:
a3:f4:ec:71:c2:ff:c2:4e:50:72:1b:c0:20:9f:cf:56:90:8f:
a3:b5:22:c3:c7:b9:45:07:d4:ff:c2:9b:e7:f2:07:9d:15:42:
a7:ec:3e:a1:3a:25:31:c3:98:b1:ca:36:ab:3b:f5:0a:8c:ae:
ef:87:af:7b:3c:2a:b3:89:3d:a4:21:8d:3c:06:25:a9:8b:74:
1e:de:ae:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwtdqQk2AcGJhm5XD6GBPmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMDIxNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y1YTc4ZDIwZjQ1NDFmNDc1NmFkMmE2ZDllYzFiN2IyZTVjMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqelL3tTEMV2mULHw1r7JKG3j3e0C
q3xSfSpc3xR2UhWYa7z1DqVDBiQdFAGrDps3DHeym4lHRSekU8fd2GUiTiJYqf1l
z9AzrAtGUAQMVQEeRI7+ZtW0cMVqUwnY3sxfCBcP5NU82xVe5swoKTbCwgqv5mk5
1gZo1rk3jThMKiltfm3CHQdf8YL0DLQrnTMraruQyP6Hfi0v/NliBGFflJuJj/UW
FnBpZM3u8Laszwzc3YyW07kOr5j+R1euqulzXxB63xvPNkX56X3fqCbXSr8LmySc
FU7Y93oqcbuQI6+/T4IvbyDZeqaeRb5K4ufXdKY6P2gJHPzq9EwBTt7eXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIf1p40g9FQfR1atKm2ewbey5cMTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaF9XbmpTRDBWQjlIVnEwcWJaN0J0N0xsd3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANJrEL0HK19b1Tsyi3Dq
l+a9Bz//gVAqOF+FeA6nx1CZmIdeFe/EvptC+kBkqip4PERskarmRmcRbB11lTz5
xQAAlk6MsKMd+8z8TnXgKsjGy1kikt4JuTQ+2Pvbpj+zsq32vqKmE9dT3cK6FYeK
ZWssEKpT315AgoLRIwRAZX5qBgJ3uD7uzaJjxXeFCp37EYMY83Fv+C77qNR6sVYA
tFe+bRCpe9IIhDyxzQ5QP5wUbSDnj6P07HHC/8JOUHIbwCCfz1aQj6O1IsPHuUUH
1P/Cm+fyB50VQqfsPqE6JTHDmLHKNqs79QqMru+Hr3s8KrOJPaQhjTwGJamLdB7e
rrM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:23 2025 by rpki-client